Speaking at the SANS Incident Detection Summit

24 Nov, 2009

At the upcoming
SANS Incident Detection Summit on December 9th and 10th I will be participating
in two panel discussions. The first is entitled "Enterprise Network Detection
Tools and Tactics" and is described by Richard Bejtlich
(who has organized the whole conference) as a venue where "speakers with large-scale
experience will share their tools and tactics for identifying suspicious and malicious
activity". The second, "Detection Using Logs", focuses on the usage of platform,
operating system, and application logs to detect intrusions, and Security Information
Management and log aggregation and search systems will be discussed.